Pre-boot securing of operating system (OS) for endpoint evaluation
Abstract
Methods and apparatus involve evaluating endpoint computing assets. The endpoint has both a traditional operating system for applications and the like, and another operating system used during a pre-boot phase of operation. During use, the traditional operating system identifies a last evaluation status of the computing device at a time just prior to shutting down. Upon a next booting, the pre-boot operating system loads and examines (reads) the last evaluation status. If the last evaluation status requires any completion action in order to comply with a predetermined computing policy, either or both of the operating systems attend to its effectuation, including communication and handoff by way of one or more security agents. Effectuation occurs in a variety of ways: determining a present location of the computing device; quarantining the computing device from certain network traffic; VPN enforcement; patching applications; firewall involvement; etc. Computer program products are also disclosed.
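The flow the abstract describes, as an added illustration that is not code from the patent: the regular OS writes a last evaluation status into a region shared with the pre-boot OS at shutdown; on the next boot the pre-boot OS reads it, compares it with a predetermined policy, carries out the completion actions it can perform itself (quarantine, VPN enforcement) and hands the rest (patching, firewall) to the regular OS via the agent. The policy values, the status fields, and the HMAC over the shared record (the patent does not say how the shared region is protected) are assumptions made for this example.

```python
import hashlib
import hmac
import json

# Predetermined computing policy the pre-boot OS enforces (constructed sample values).
POLICY = {"min_patch_level": 42, "firewall_required": True, "vpn_required_off_site": True}

# Hypothetical key shared by both operating systems. The HMAC over the record is an
# assumption added here so a corrupted or tampered shared record is not trusted.
SHARED_KEY = b"constructed-demo-key"

# Actions the pre-boot OS can carry out itself; the rest are handed off to the regular OS.
PREBOOT_CAPABLE = {"quarantine", "enforce_vpn"}


def record_last_status(status):
    """Regular OS, at the last recording event: serialize the status into the shared region."""
    body = json.dumps(status, sort_keys=True).encode()
    tag = hmac.new(SHARED_KEY, body, hashlib.sha256).hexdigest().encode()
    return body + b"\n" + tag


def read_last_status(blob):
    """Pre-boot OS, on next boot: read the record; None means it is missing or tampered."""
    body, sep, tag = blob.rpartition(b"\n")
    if not sep:
        return None
    expected = hmac.new(SHARED_KEY, body, hashlib.sha256).hexdigest().encode()
    if not hmac.compare_digest(tag, expected):
        return None
    return json.loads(body)


def completion_actions(status, policy=POLICY):
    """Compare the last evaluation status with policy; return the completion actions needed."""
    if status is None:
        return ["quarantine"]  # no trustworthy status: fall back to the most restrictive action
    actions = []
    if status["patch_level"] < policy["min_patch_level"]:
        actions += ["quarantine", "patch"]  # keep traffic restricted until patched
    if policy["firewall_required"] and not status["firewall_enabled"]:
        actions.append("enable_firewall")
    off_site = status["location"] == "off_site"
    if policy["vpn_required_off_site"] and off_site and not status["vpn_active"]:
        actions.append("enforce_vpn")
    return actions


def dispatch(actions):
    """Split actions between the pre-boot OS and the agent handoff to the regular OS."""
    return {"pre_boot": [a for a in actions if a in PREBOOT_CAPABLE],
            "handoff_to_os": [a for a in actions if a not in PREBOOT_CAPABLE]}
```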
23 Claims
1. In a computing system environment, a method of securing an operating system of a computing device, comprising:
- identifying a last evaluation status of the computing device as the computing device undertakes a last recording event;
- upon a next booting of the computing device, loading a pre-boot operating system before said operating system;
- by the pre-boot operating system, determining if the last evaluation status requires any completion action; and
- if so, effectuating the completion action.
Dependent claims: 2, 3, 4, 6, 7, 8

9. In a computing system environment, a method of securing an operating system of a computing device having a processor, memory and storage with which the operating systems interact during use, comprising:
- configuring a computing operating system and a pre-boot operating system on the processor;
- by the computing operating system, identifying a last evaluation status of the computing device as the computing device undertakes a last recording, and writing the last evaluation status to a shared portion of the storage or memory available to both the computing and pre-boot operating systems;
- upon a next booting of the computing device, loading the pre-boot operating system;
- by the pre-boot operating system, examining the last evaluation status in the shared portion of the storage or memory;
- determining if the last evaluation status requires any completion action; and
- if so, effectuating the completion action.

10. In a computing system environment, a method of securing an operating system of a computing device, comprising:
- identifying a last evaluation status of the computing device as the computing device shuts down;
- upon a next booting of the computing device, loading a pre-boot operating system before said operating system;
- by the pre-boot operating system, examining the last evaluation status;
- determining if the last evaluation status requires any completion action; and
- if so, handing off the completion action from the pre-boot operating system to said operating system for effectuation.
Dependent claims: 11, 12

13. In a computing system environment, a method of securing an operating system of a computing device having a processor, memory and storage with which the operating systems interact during use, comprising:
- configuring a computing operating system and a pre-boot operating system on the processor;
- upon booting the computing device, effectuating communication between the computing operating system and the pre-boot operating system by way of an embedded agent; and
- upon shutting down the computing device, identifying a last evaluation status of the computing device by the computing operating system, so that upon a subsequent booting of the computing device the pre-boot operating system can ascertain whether the last evaluation status requires a completion action and, if so, use the agent to inform the computing operating system of the completion action.

14. A computing device, comprising:
- a hardware platform including a processor, memory and available storage; and
- a computing operating system and a pre-boot operating system on the processor, each having access to a shared portion of the memory or available storage to which a last evaluation status is configured to be written and from which it is read, regarding whether a completion action is required of the last evaluation status in order to comply with a predetermined computing policy established for the computing device, the last evaluation status of the computing device being configured to be obtained by the computing operating system just prior to shutting down of the computing device.
Dependent claims: 15, 16, 17

18. A computing device, comprising:
- a hardware platform including a processor, memory and available storage;
- a computing operating system and a pre-boot operating system on the processor, each having access to a shared portion of the memory or available storage; and
- a security agent configured on one or both of the computing and pre-boot operating systems, such that upon shutting down the computing device a last evaluation status of the computing device is configured to be identified by the computing operating system, so that upon a subsequent booting of the computing device the pre-boot operating system can ascertain whether the last evaluation status requires a completion action and, if so, use the security agent to inform the computing operating system of the completion action.

19. A computer program product for loading on a computing device to secure an operating system of the computing device, the computer program product having executable instructions that, upon shutting down the computing device, identify, by the operating system, a last evaluation status of the computing device, so that upon a subsequent booting of the computing device a pre-boot operating system can ascertain whether the last evaluation status requires a completion action and, if so, enable communication between the operating system and the pre-boot operating system regarding effectuation of the completion action.

23. In a computing system environment, a method of evaluating a computing asset having an operating system and serving as an endpoint in the computing system environment, comprising:
- configuring a pre-boot operating system on a processor of the computing asset;
- upon a next booting of the computing asset, securely loading the pre-boot operating system before said operating system; and
- determining if a status of the computing asset complies with a predetermined computing policy, the status having been obtained earlier during a last recording event by the operating system.
Specification